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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims in the applications: 
Listing of Claims 

1 . (Currently amended) A compact personal token, comprising: 

a USB-compliant interface releaseably coupleable to a host processing device; 
a token memory; 

a token processor, communicatively coupled to the token memory and communicatively 
coupleable to the host processing device via the USB-compliant interface, the token processor for 
providing the host processing device conditional access to user private data stored in the token 
memory; and 

a user input device, communicatively coupled to the token processor by a path distinct from 
the USB-compliant interface, for accepting an input for processing by the token processor to signal 
authorization of a token processor operation providing access to the user private data stored in the 
token memory, the input in response to a message received in the token from the host processing 
device via the USB-compliant interface invoking the token processor operation, wherein user 
authentication occurs on the token, the user input device comprising one of: 

a character input device integrated with the personal token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, and a second 
pressure sensitive device actuatable from the exterior side of the token, wherein actuation of the first 
pressure sensitive device selects a character from said input character set, and actuation of the 
second pressure sensitive device enters the characte r, the first and second pressure sensitive devices 
integrated with the token . 

2. (Original) The apparatus of claim 1, wherein the path is entirely internal to the token. 

3. (Cancelled) 
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4. (Previously presented) The apparatus of claim 1, wherein the user private data is 
designated as requiring authorization before access by an associated identification stored in the 
memory. 

5. (Cancelled) 

6. (Original) The apparatus of claim 5, wherein the input device comprises at least one 
push-button switch. 

7. (Original) The apparatus of claim 1, further comprising: 

an output device, communicatively coupled to the processor by a second path distinct from 
the USB-compliant interface, for prompting a user to provide an authorization of a processor 
operation. 

8. (Original) The apparatus of claim 7, wherein the path and the second path are a 
common path. 

9. (Original) The apparatus of claim 7, wherein the output device prompts the user to 
provide an authorization of the processor operation when processor operation requires access to the 
private data stored in the memory. 

10. (Original) The apparatus of claim 7, wherein the output device comprises at least one 
light-emitting device. 

1 1 . (Original) The apparatus of claim 7, wherein the output device comprises at least one 
aural reproduction device. 

12. (Original) The apparatus of claim 7, wherein the output device comprises at least one 
liquid crystal display (LCD). 



3 



Application No.: 09/449,159 Docket No.: 35997-215458 (formerly 30074.26US11) 

13. (Original) The apparatus of claim 7, wherein the output device provides an 
alphanumeric message indicating that user input is required. 

14. (Original) The apparatus of claim 13, wherein the alphanumeric message identifies 
the processing operation. 

15. (Original) The apparatus of claim 13, wherein the alphanumeric message identifies a 
private key. 

16. (Cancelled) 

17. (Cancelled) 

18. (Currently amended) A method of authorizing access to private data stored in a token 
having a processor communicatively coupled to a host processor via a Universal Serial Bus (USB) 
interface, comprising the steps of: 

authenticating a user identity in the token; 

accepting a command in the token invoking a token processor operation via the USB 
interface; 

accepting a user input signaling authorization of the token processor operation via an input 

device; 

providing the user input to the token processor via a communication path distinct from 
the USB-compliant interface; and 

processing the user input in the token processor to authorize the invoked token processor 
operation, wherein the input device comprises one of: 

a character input device integrated with the token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, and a 
second pressure sensitive device actuatable from the exterior side of the token, wherein actuation of 
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the first pressure sensitive device selects a character from said input character set, and actuation of 
the second pressure sensitive device enters the character , the first and second pressure sensitive 
devices integrated with the token . 

19. (Previously presented) The method of claim 18, further comprising the steps 

of: 

determining if the processor operation requires access to the private data stored in the 
token; and 

prompting a user to authorize the processor operation via an output device communicatively 
coupled to the processor if the processor operation requires access to private data stored in a 
memory in the token. 

20. (Original) The method of claim 19, wherein the output device is communicatively 
coupled to the processor by a second communication path distinct from the USB-compliant 
interface. 

21 . (Original) The method of claim 20, wherein the first path and the second path are 
common. 

22. (Original) The method of claim 20, wherein the step of determining if the processor 
requires access to a private key stored in the token comprises the steps of: 

determining which data stored in the memory is affected by the processor operation; and 
determining whether the data affected by the processor operation is associated with an 
identification designating the data as a private key. 

23. (Original) The method of claim 20, wherein the path is entirely internal to the token. 

24. (Cancelled) 
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25. (Original) The method of claim 24, wherein the input device is a push-button switch 
actuatable from an exterior surface of the token. 

26. (Original) The method of claim 20, wherein the output device comprises at least one 
light emitting device. 

27. (Original) The method of claim 20, wherein the output device comprises at least one 
aural reproduction device. 

28. (Previously presented) The method of claim 20, wherein the output device comprises 
at least one liquid crystal display. 

29. (Original) The method of claim 20, wherein the step of prompting the user to 
authorize the processor operation via an output device comprises the step of: 

providing an alphanumeric message indicating that user input is required. 

30. (Original) The method of claim 29, wherein the alphanumeric message identifies the 
processing operation. 

3 1 . (Original) The method of claim 29, wherein the alphanumeric message identifies the 
private data. 

32. (Cancelled) 

33. (Cancelled) 

34. (Original) The method of claim 20, wherein the command is an 
authorization request including a challenge value and the processor operation is a hash function 
using the challenge value and the private data. 
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35. (Currently amended) A program storage device, readable by a computer, tangibly 
embodying at least one program of instructions executable by the computer to perform method steps 
of authorizing access to private data stored in a token having a processor communicatively coupled 
to a host processor via a Universal Serial Bus (USB) interface, the method steps comprising the 
steps of: 

authenticating, in the token, a user identity; 

accepting a command in the token invoking a token processor operation via the USB- 
compliant 
interface; 

determining, in the token, if the token processor operation requires access to the private 
data stored in the token; 

prompting the user to authorize the token processor operation via an output device 
communicatively coupled to the token processor by a path distinct from the USB-compliant 
interface if the token processor operation requires access to a private data stored in a memory in 
the token; 

accepting a user input signaling authorization of the token processor operation via an input 
device; and 

providing the user input to the token processor via a communication path distinct from the 
USB-compliant interface, wherein the input device comprises one of: 

a character input device integrated with the token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, 
and a second pressure sensitive device actuatable from the exterior side of the token, wherein 
actuation of the first pressure sensitive device selects a character from said input character set, 
and actuation of the second pressure sensitive device enters the characte r, the first and second 
pressure sensitive devices integrated with the token . 
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36. (Original) The program storage device of claim 35, wherein the first path and the 
second path are common. 

37. (Original) The program storage device of claim 35, wherein the method step of 
determining if the processor requires access to a private key stored in the token comprises the steps 
of: 

determining which data stored in the memory is affected by the processor operation; and 
determining whether the data affected by the processor operation is associated with an 
identification designating the data as the private key. 

38. (Original) The program storage device of claim 35, wherein the path is entirely 
internal to the token. 

39. (Cancelled) 

40. (Original) The program storage device of claim 39, wherein the input device is a 
push-button switch actuatable from an exterior surface of the token. 

41. (Original) The program storage device of claim 35, wherein the output device 
comprises at least one light emitting device. 

42. (Original) The program storage device of claim 35, wherein the 
output device comprises at least one aural reproduction device. 

43. (Original) The program storage device of claim 35, wherein the output device 
comprises at least one liquid crystal display. 

44. (Original) The program storage device of claim 35, wherein the method step of 
prompting the user to authorize the processor operation via an output device comprises the method 
step of: 



8 



Application No.: 09/449,159 



Docket No.: 35997-215458 (formerly 30074.26US11) 



providing an alphanumeric message indicating that user input is required. 

45. (Original) The program storage device of claim 44, wherein the alphanumeric 
message identifies the processing operation. 

46. (Original) The program storage device of claim 44, wherein the 
alphanumeric message identifies the private data. 

47. (Cancelled) 

48. (Cancelled) 

49. (Currently amended) A compact personal token, comprising: 

a USB-compliant interface releaseably coupleable to a host processing device; 
a token memory; 

a token processor, coupled to the token memory and communicatively coupleable to the host 
processing device via the USB-compliant interface, the token processor for providing the host 
processing device conditional access to store and retrieve data storable in the token memory, the 
data including a personal identification private to the user; and 

a user input device, communicatively coupled to the token processor by a path distinct from 
the USB-compliant interface, for accepting a user input describing the personal identification, the 
user input device for authenticating by the token the personal identification private to the user, the 
user input device comprising one of: 

a character input device integrated with the personal token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, and a 
second pressure sensitive device actuatable from the exterior side of the token, wherein actuation of 
the first pressure sensitive device selects a character from said input character set, and actuation of 
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the second pressure sensitive device enters the character , the first and second pressure sensitive 
devices integrated with the token . 

50. (Cancelled) 

5 1 . (Previously presented) A compact personal token, comprising: 

a USB-compliant interface releaseably coupleable to a host processing device; 
a memory; 

a processor, coupled to the memory and communicatively coupleable to the host processing 
device via the USB-compliant interface, the processor for providing the host processing device 
conditional access to store and retrieve data storable in the memory, the data including a personal 
identification private to the user; and 

a user input device, communicatively coupled to the processor by a path distinct from the 
USB-compliant interface, for accepting a user input describing the personal identification, the user 
input device comprising a character input device, 

the character input device comprising a wheel having an input position for each character 
in an input character set. 

52. (Original) The apparatus of claim 51, wherein each character is selected by 
depression of the wheel. 

53. (Cancelled) 

54. (Previously Presented) A method of authentication using a token having a processor 
communicatively coupled to a host processor via a Universal Serial Bus (USB) compliant interface, 
comprising the steps of: 

accepting a command in the token invoking a token processor operation via the USB- 
compliant interface; 



10 



Application No.: 09/449,159 



Docket No.: 35997-215458 (formerly 30074.26US11) 



determining if the token processor operation requires access to the personal identification 
storable in a memory of the token; 

determining if the personal identification is stored in the memory of the token; 

prompting the user to enter a personal identification if the token processor operation requires 
access to the personal identification and the personal identification is not stored in the memory of 
the token; 

accepting a user input comprising a personal identification via an input device; 
authenticating in the token the user input comprising a personal identification via an input 
device; and 

providing the user input to the processor via a communication path distinct from the 
USB-compliant interface, wherein the input device comprises a first pressure sensitive device 
actuatable from an exterior side of the token, and a second pressure sensitive device actuatable 
from an exterior side of the token, wherein actuation of the first pressure sensitive device 
selects a character from said input character set, and actuation of the second pressure sensitive 
device enters the character as at least a portion of the personal identification. 

55. (Cancelled) 

56. (Previously presented) The method of claim 54, wherein the step of prompting the 
user to enter the personal identification number comprises the step of activating a user output device 
via a second communication path distinct from the USB compliant interface. 

57. (Original) The method of claim 54, wherein the input device comprises a character 
input device. 

58. (Previously presented) A method of authentication using a token having a processor 
communicatively coupled to a host processor via a Universal Serial Bus (USB) compliant interface, 
comprising the steps of: 
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accepting a command in the token invoking a processor operation via the USB- 
compliant interface; 

determining if the processor operation requires access to the personal identification 
storable in a memory of the token; 

determining if the personal identification is stored in the memory of the token; 

prompting the user to enter a personal identification if the processor operation requires 
access to the personal identification and the personal identification is not stored in the memory of 
the token; 

accepting a user input comprising a personal identification via an input device; 

and 

providing the user input to the processor via a communication path distinct from the 
USB-compliant interface, wherein the input device comprises a character input device, the character 
input device comprising a wheel having an input position for each character in an input character 
set. 

59. (Original) The method of claim 58, wherein each character is selected by depression 
of the wheel. 

60. (Cancelled) 

61 . (Currently amended) A compact personal token, comprising: 

a USB-compliant interface releaseably coupleable to a host processing device; 
a token memory; 

a token processor, communicatively coupled to the token memory and communicatively 
coupleable to the host processing device via the USB-compliant interface, the token processor for 
providing the host processing device conditional access to user private data storable in the token 
memory; and 

a user input device, communicatively coupled to the token processor by a path distinct from 
the USB-compliant interface, the user input device for signaling authorization of a token processor 
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operation invoked by a message received in the token via the USB-compliant interface, wherein the 
token authenticates user identity, the user input device comprising one of: 

a character input device integrated with the personal token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, and a 
second pressure sensitive device actuatable from the exterior side of the token, wherein actuation of 
the first pressure sensitive device selects a character from said input character set, and actuation of 
the second pressure sensitive device enters the characte r, the first and second pressure sensitive 
devices integrated with the token . 

62. (Original) The apparatus of claim 61, wherein the user input device is 
configured to control an operation of the processor. 

63. (Original) The apparatus of claim 61, wherein the operation comprises an 
operation selected from the group comprising: 

an encryption operation; and 
a decryption operation. 

64. (Original) The apparatus of claim 61, wherein the operation comprises a digital 
signature operation using a private key stored in the memory. 

65. (Cancelled) 

66. (Original) The apparatus of claim 61, wherein the input device 
comprises at least one push-button switch. 

67. (Original) The apparatus of claim 61, further comprising an output device, 
communicatively coupled to the processor by path distinct from the USB-compliant interface, for 
providing information regarding the operation of the processor. 
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68. (Original) The apparatus of claim 67, wherein the output device comprises at least 
one light emitting device. 

69. (Original) The apparatus of claim 67, wherein the output device comprises at least 
one liquid crystal display. 

70. (Original) The apparatus of claim 67, wherein the output device comprises at least 
one aural output device. 

71 . (Currently amended) A method of authorizing access to private data stored in a token 
having a processor communicatively coupled to a host processor via a Universal Serial Bus (USB) 
interface, comprising the steps of: 

authenticating a user identity in the token; 

accepting a command in the token invoking a token processor operation via the USB- 
compliant interface; 

accepting a user input to control the token processor operation via an input device; and 
providing the user input to the token processor via a communication path distinct from the 
USB-compliant interface, wherein the input device comprises one of: 

a character input device integrated with the token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, and 
a second pressure sensitive device actuatable from the exterior side of the token, wherein 
actuation of the first pressure sensitive device selects a character from said input character set, 
and actuation of the second pressure sensitive device enters the character , the first and second 
pressure sensitive devices integrated with the token . 

72. (Original) The method of claim 71, wherein the operation comprises an 
operation selected from the group comprising: 

an encryption operation; 
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a decryption operation; and 

a digital signature operation using a private key. 

73. (Cancelled) 

74. (Original) The method of claim 71 , further comprising the step of prompting the user 
to control the processor operation via an output device communicatively coupled to the processor by 
a second path distinct from the USB-compliant interface. 

75. (Original) The method of claim 74, wherein the path and the second path are 
common. 

76. (Previously presented) The method of claim 74, wherein the output device is 
selected from the group comprising: 

a light emitting device; 
a liquid crystal display; and 
an aural reproduction device. 

77. (Currently amended) A compact personal token, comprising: 

a USB-compliant interface releaseably coupleable to a host processing device; 
a token memory; 

a token processor, communicatively coupled to the token memory and communicatively 
coupleable to the host processing device via the USB-compliant interface, the token processor for 
providing the host processing device conditional access to data storable in the memory; the token 
processor for authenticating a user identity; 

a user output device, communicatively coupled to the USB-compliant interface, for 
providing an indication of a data signal from the USB-compliant interface; and 
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a user input device for receiving an input to signal authorization to provide the host 
processing device access to said data storable in the memory, the user input device comprising one 
of: 

a character input device integrated with the personal token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, 
and a second pressure sensitive device actuatable from the exterior side of the token, 
wherein actuation of the first pressure sensitive device selects a character from said input 
character set, and actuation of the second pressure sensitive device enters the character , the 
first and second pressure sensitive devices integrated with the token . 

78. (Cancelled) 

79. (Cancelled) 

80. (Currently amended) A compact personal token, comprising: 

a USB-compliant interface releaseably coupleable to a host processing device; 
a token memory; 

a token processor, communicatively coupled to the token memory and communicatively 
coupleable to the host processing device via the USB-compliant interface, the token processor for 
providing the host processing device conditional access to data storable in the token memory, the 
token processor authenticating a user identify; 

a user output device, communicatively coupled to the token processor; and 
a user input device for receiving an input to signal authorization to provide the host 
processing device access to said data storable in the memory, the user input device comprising one 
of: 

a character input device integrated with the personal token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 
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a first pressure sensitive device actuatable from an exterior side of the token, and a 
second pressure sensitive device actuatable from the exterior side of the token, wherein actuation of 
the first pressure sensitive device selects a character from said input character set, and actuation of 
the second pressure sensitive device enters the character , the first and second pressure sensitive 
devices integrated with the token . 

81 . (Original) The apparatus of claim 80, wherein the user output device is coupled to 
the processor by a path distinct from the USB-compliant interface. 

82. (Original) The apparatus of claim 80, wherein the user output device is configured to 
indicate the operation of the processor. 

83. (Original) The apparatus of claim 80, wherein the operation comprises an operation 
selected from the group comprising: 

an encryption operation; 

a decryption operation; and 

a digital signature operation using a private key. 

84. (Previously presented) The apparatus of claim 80, wherein the user output device is 
selected from a group comprising: 

at least one light emitting device; 
at least one liquid crystal display; and 
at least one aural device. 

85. (Original) The apparatus of claim 80, further comprising an input 

device, communicatively coupled to the processor by path distinct from the USB-compliant 
interface, for providing information for the operation of the processor. 
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86. (Currently amended) A method of authorizing access to private data 

stored in a token having a processor communicatively coupled to a host processor via a Universal 
Serial Bus (USB) interface, comprising the steps of: 
authenticating in the token a user identity; 

accepting a command in the token invoking a token processor operation via the USB- 
compliant interface; and 

signaling the token processor operation, via a user output device communicatively coupled 
to the token processor via a communication path distinct from the USB-compliant interface; 

receiving, at a user input device of the token, an input signaling authorization of the token 
processor operation, wherein the user input device comprising one of: 

a character input device integrated with the personal token , the character input device 
comprising a wheel having an input position for each character in an input character set; or 

a first pressure sensitive device actuatable from an exterior side of the token, and a 
second pressure sensitive device actuatable from the exterior side of the token, wherein actuation of 
the first pressure sensitive device selects a character from said input character set, and actuation of 
the second pressure sensitive device enters the character , the first and second pressure sensitive 
devices integrated with the token . 

87. (Original) The method of claim 86, wherein the operation comprises an 
operation 

selected from the group comprising: 
an encryption operation; 
a decryption operation; and 
a digital signature operation using a private key. 

88. (Cancelled) 
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89. (Original) The method of claim 86, wherein the user output device is selected from 
the group comprising: 

at least one light emitting device; 
at least one liquid crystal display; and 
an aural device. 
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